Biblio

With the rapid development of information technology, hacker invasion, Internet fraud and privacy disclosure and other events frequently occur, therefore information security issues become the focus of attention. Protecting the secure transmission of information has become a hot topic in today's research. As the carrier of information, image has the characteristics of vivid image and large amount of information. It has become an indispensable part of people's communication. In this paper, we proposed the key simulation analysis research based on M-J set. The research uses a complex iterative mapping to construct M set. On the basis of the constructed M set, the constructed Julia set is used to form the encryption key. The experimental results show that the generalized M-set has the characteristics of chaotic characteristic and initial value sensitivity, and the complex mapping greatly exaggerates the key space. The research on the key space based on the generalized M-J set is helpful to improve the effect of image encryption.

MIMO system makes full use of the space dimension, in the era of increasingly tense spectrum resources, which greatly improves the spectrum efficiency and is one of the future communication support technologies. At the same time, considering the high cost of direct communication between the two parties in a long distance, the relay communication mode has been paid more and more attention. In relay communication network, each node connected by relay has different security levels. In order to forward the information of all nodes, the relay node has the lowest security permission level. Therefore, it is meaningful to study the physical layer security problem in MIMO two-way relay system with relay as the eavesdropper. In view of the above situation, this paper proposes the physical layer security model of MIMO two-way relay cooperative communication network, designs a communication matching grouping algorithm with low complexity and a two-step carrier allocation optimization algorithm, which improves the total security capacity of the system. At the same time, theoretical analysis and simulation verify the effectiveness of the proposed algorithm.

In recent years, the detection of illegal and harmful messages which plays an significant role in Internet service is highly valued by the government and society. Although artificial intelligence technology is increasingly applied to actual operating systems, it is still a big challenge to be applied to systems that require high real-time performance. This paper provides a real-time detection system solution based on artificial intelligence technology. We first introduce the background of real-time detection of illegal and harmful messages. Second, we propose a complete set of intelligent detection system schemes for real-time detection, and conduct technical exploration and innovation in the media classification process including detection model optimization, traffic monitoring and automatic configuration algorithm. Finally, we carry out corresponding performance verification.

HTTP flood DDoS (Distributed Denial of Service) attacks send illegitimate HTTP requests to the targeted site or server. These kinds of attacks corrupt the networks with the help of massive attacking nodes thus blocking incoming traffic. Computer network connected devices are the major source to distributed denial of service attacks (or) botnet attacks. The computer manufacturers rapidly increase the network devices as per the requirement increases in the different environmental needs. Generally the manufacturers cannot ship computer network products with high level security. Those network products require additional security to prevent the DDoS attacks. The present technology is filled with 4G that will impact DDoS attacks. The million DDoS attacks had experienced in every year by companies or individuals. DDoS attack in a network would lead to loss of assets, data and other resources. Purchasing the new equipment and repair of the DDoS attacked network is financially becomes high in the value. The prevention mechanisms like CAPTCHA are now outdated to the bots and which are solved easily by the advanced bots. In the proposed work a secured botnet prevention mechanism provides network security by prevent and mitigate the http flooding based DDoS attack and allow genuine incoming traffic to the application or server in a network environment with the help of integrating invisible challenge and Resource Request Rate algorithms to the application. It offers double security layer to handle malicious bots to prevent and mitigate.

In this paper, we studies secure wireless transmission using polar codes which based on self-coupling encryption for relay-wiretap channel. The coding scheme proposed in this paper divide the confidential message into two parts, one part used to generate key through a specific extension method, and then use key to perform coupling encryption processing on another part of the confidential message to obtain the ciphertext. The ciphertext is transmitted in the split-channels which are good for relay node, legitimate receiver and eavesdropper at the same time. Legitimate receiver can restore key with the assistance of relay node, and then uses the joint successive cancellation decoding algorithm to restore confidential message. Even if eavesdropper can correctly decode the ciphertext, he still cannot restore the confidential message due to the lack of key. Simulation results show that compared with the previous work, our coding scheme can increase the average code rate to some extent on the premise of ensuring the reliability and security of transmission.

In the recent years, we have witnessed quite notable cyber-attacks targeting industrial automation control systems. Upgrading their cyber security is a challenge, not only due to long equipment lifetimes and legacy protocols originally designed to run in air-gapped networks. Even where multiple data sources are available and collection established, data interpretation usable across the different data sources remains a challenge. A modern hydro power plant contains the data sources that range from the classical distributed control systems to newer IoT- based data sources, embedded directly within the plant equipment and deeply integrated in the process. Even abundant collected data does not solve the security problems by itself. The interpretation of data semantics is limited as the data is effectively siloed. In this paper, the relevance of semantic integration of diverse data sources is presented in the context of a hydro power plant. The proposed semantic integration would increase the data interoperability, unlocking the data siloes and thus allowing ingestion of complementary data sources. The principal target of the data interoperability is to support the data-enhanced cyber security in an operational hydro power plant context. Furthermore, the opening of the data siloes would enable additional usage of the existing data sources in a structured semantically enriched form.

The new paradigm software-defined networking (SDN) supports network innovation and makes the control of network operations more agile. The flow table is the main component of SDN switch which contains a set of flow entries that define how new flows are processed. Low-rate distributed denial-of-service (LR-DDoS) attacks are difficult to detect and mitigate because they behave like legitimate users. There are many detection methods for LR DDoS attacks in the literature, but none of these methods detect single-packet LR DDoS attacks. In fact, LR DDoS attackers exploit vulnerabilities in the mechanism of congestion control in TCP to either periodically retransmit burst attack packets for a short time period or to continuously launch a single attack packet at a constant low rate. In this paper, the proposed scheme detects LR-DDoS by examining all incoming packets and filtering the single packets sent from different source IP addresses to the same destination at a constant low rate. Sending single packets at a constant low rate will increase the number of flows at the switch which can make it easily overflowed. After detecting the single attack packets, the proposed scheme prevents LR-DDoS at its early stage by deleting the flows created by these packets once they reach the threshold. According to the results of the experiment, the scheme achieves 99.47% accuracy in this scenario. In addition, the scheme has simple logic and simple calculation, which reduces the overhead of the SDN controller.

With the future 6G era, spiking neural networks (SNNs) can be powerful processing tools in various areas due to their strong artificial intelligence (AI) processing capabilities, such as biometric recognition, AI robotics, autonomous drive, and healthcare. However, within Cyber Physical System (CPS), SNNs are surprisingly vulnerable to adversarial examples generated by benign samples with human-imperceptible noise, this will lead to serious consequences such as face recognition anomalies, autonomous drive-out of control, and wrong medical diagnosis. Only by fully understanding the principles of adversarial attacks with adversarial samples can we defend against them. Nowadays, most existing adversarial attacks result in a severe accuracy degradation to trained SNNs. Still, the critical issue is that they only generate adversarial samples by randomly adding, deleting, and flipping spike trains, making them easy to identify by filters, even by human eyes. Besides, the attack performance and speed also can be improved further. Hence, Spike Probabilistic Attack (SPA) is presented in this paper and aims to generate adversarial samples with more minor perturbations, greater model accuracy degradation, and faster iteration. SPA uses Poisson coding to generate spikes as probabilities, directly converting input data into spikes for faster speed and generating uniformly distributed perturbation for better attack performance. Moreover, an objective function is constructed for minor perturbations and keeping attack success rate, which speeds up the convergence by adjusting parameters. Both white-box and black-box settings are conducted to evaluate the merits of SPA. Experimental results show the model's accuracy under white-box attack decreases by 9.2S% 31.1S% better than others, and average success rates are 74.87% under the black-box setting. The experimental results indicate that SPA has better attack performance than other existing attacks in the white-box and better transferability performance in the black-box setting,

Today, many internet-based applications, especially e-commerce and banking applications, require the transfer of personal data and sensitive data such as credit card information, and in this process, all operations are carried out over the Internet. Users frequently perform these transactions, which require high security, on web sites they access via web browsers. This makes the browser one of the most basic software on the Internet. The security of the communication between the user and the website is provided with SSL certificates, which is used for server authentication. Certificates issued by Certificate Authorities (CA) that have passed international audits must meet certain conditions. The criteria for the issuance of certificates are defined in the Baseline Requirements (BR) document published by the Certificate Authority/Browser (CA/B) Forum, which is accepted as the authority in the WEB Public Key Infrastructure (WEB PKI) ecosystem. Issuing the certificates in accordance with the defined criteria is not sufficient on its own to establish a secure SSL connection. In order to ensure a secure connection and confirm the identity of the website, the certificate validation task falls to the web browsers with which users interact the most. In this study, a comprehensive SSL certificate public key infrastructure (SSL Test Suite) was established to test the behavior of web browsers against certificates that do not comply with BR requirements. With the designed test suite, it is aimed to analyze the certificate validation behaviors of web browsers effectively.

Data security is a vast term that doesn’t have any limits, but there are a certain amount of tools and techniques that could help in gaining security. Honeypot is among one of the tools that are designated and designed to protect the security of a network but in a very dissimilar manner. It is a system that is designed and developed to be compromised and exploited. Honeypots are meant to lure the invaders, but due to advancements in computing systems parallelly, the intruding technologies are also attaining their gigantic influence. In this research work, an approach involving apache-spark (a Big Data Technique) would be introduced in order to use it with the Honeypot System. This work includes an extensive study based on several research papers, through which elaborated experiment-based result has been expressed on the best known open-source honeypot systems. The preeminent possible method of using The Honeypot with apache spark in the sequential channel would also be proposed with the help of a framework diagram.

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction, with statements such as "web browsing is allowed only on workstations inside the office network", and needs to be translated into low-level firewall rules to be enforceable. There has been a lot of work regarding optimization, analysis and platform independence of firewall rules, but an area that has seen much less success is automatic translation of high-level security policies into firewall rules. In addition to improving rules’ readability, such translation would make it easier to detect errors.This paper surveys of over twenty papers that aim to generate firewall rules according to a security policy specified on a higher level of abstraction. It also presents an overview of similar features in modern firewall systems. Most approaches define specialized domain languages that get compiled into firewall rule sets, with some of them relying on formal specification, ontology, or graphical models. The approaches’ have improved over time, but there are still many drawbacks that need to be solved before wider application.

The purpose of this research work is to develop an approach based on risk management with a view to provide managers and decision-makers with assistance and appropriate guidelines to combine Lean and Green in a successful and integrated way. Risk cannot be managed if not well-identified; hence, a classification of supply chain risks in a Lean Green context was provided. Subsequently to risk identification an approach based on Weighted Product Method (WPM) was proposed; for risk assessment and prioritization, for its ease of use, flexibility and board adaptability. The output of this analysis provides visibility about organization's position toward desired performance and underlines crucial risks to be addressed which marks the starting point of the way to performance improvement. A case study was introduced to demonstrate the applicability and relevance of the developed framework.

To keep up with the continuous modernization of web applications and to facilitate their development, a large number of new features are introduced to the web platform every year. Although new web features typically undergo a security review, issues affecting the privacy and security of users could still surface at a later stage, requiring the deprecation and removal of affected APIs. Furthermore, as the web evolves, so do the expectations in terms of security and privacy, and legacy features might need to be replaced with improved alternatives. Currently, this process of deprecating and removing features is an ad-hoc effort that is largely uncoordinated between the different browser vendors. This causes a discrepancy in terms of compatibility and could eventually lead to the deterrence of the removal of an API, prolonging potential security threats. In this paper we propose a progressive security mechanism that aims to facilitate and standardize the deprecation and removal of features that pose a risk to users’ security, and the introduction of features that aim to provide additional security guarantees.

Neural program embeddings have demonstrated considerable promise in a range of program analysis tasks, including clone identification, program repair, code completion, and program synthesis. However, most existing methods generate neural program embeddings di-rectly from the program source codes, by learning from features such as tokens, abstract syntax trees, and control flow graphs. This paper takes a fresh look at how to improve program embed-dings by leveraging compiler intermediate representation (IR). We first demonstrate simple yet highly effective methods for enhancing embedding quality by training embedding models alongside source code and LLVM IR generated by default optimization levels (e.g., -02). We then introduce IRGEN, a framework based on genetic algorithms (GA), to identify (near-)optimal sequences of optimization flags that can significantly improve embedding quality. We use IRGEN to find optimal sequences of LLVM optimization flags by performing GA on source code datasets. We then extend a popular code embedding model, CodeCMR, by adding a new objective based on triplet loss to enable a joint learning over source code and LLVM IR. We benchmark the quality of embedding using a rep-resentative downstream application, code clone detection. When CodeCMR was trained with source code and LLVM IRs optimized by findings of IRGEN, the embedding quality was significantly im-proved, outperforming the state-of-the-art model, CodeBERT, which was trained only with source code. Our augmented CodeCMR also outperformed CodeCMR trained over source code and IR optimized with default optimization levels. We investigate the properties of optimization flags that increase embedding quality, demonstrate IRGEN's generalization in boosting other embedding models, and establish IRGEN's use in settings with extremely limited training data. Our research and findings demonstrate that a straightforward addition to modern neural code embedding models can provide a highly effective enhancement.

Vendor cybersecurity risk assessment is of critical importance to smart city infrastructure and sustainability of the autonomous mobility ecosystem. Lack of engagement in cybersecurity policies and process implementation by the tier companies providing hardware or services to OEMs within this ecosystem poses a significant risk to not only the individual companies but to the ecosystem overall. The proposed quantitative method of estimating cybersecurity risk allows vendors to have visibility to the financial risk associated with potential threats and to consequently allocate adequate resources to cybersecurity. It facilitates faster implementation of defense measures and provides a useful tool in the vendor selection process. The paper focuses on cybersecurity risk assessment as a critical part of the overall company mission to create a sustainable structure for maintaining cybersecurity health. Compound cybersecurity risk and impact on company operations as outputs of this quantitative analysis present a unique opportunity to strategically plan and make informed decisions towards acquiring a reputable position in a sustainable ecosystem. This method provides attack trees and assigns a risk factor to each vendor thus offering a competitive advantage and an insight into the supply chain risk map. This is an innovative way to look at vendor cybersecurity posture. Through a selection of unique industry specific parameters and a modular approach, this risk assessment model can be employed as a tool to navigate the supply base and prevent significant financial cost. It generates synergies within the connected vehicle ecosystem leading to a safe and sustainable economy.

While cloud-based deep learning benefits for high-accuracy inference, it leads to potential privacy risks when exposing sensitive data to untrusted servers. In this paper, we work on exploring the feasibility of steganography in preserving inference privacy. Specifically, we devise GHOST and GHOST+, two private inference solutions employing steganography to make sensitive images invisible in the inference phase. Motivated by the fact that deep neural networks (DNNs) are inherently vulnerable to adversarial attacks, our main idea is turning this vulnerability into the weapon for data privacy, enabling the DNN to misclassify a stego image into the class of the sensitive image hidden in it. The main difference is that GHOST retrains the DNN into a poisoned network to learn the hidden features of sensitive images, but GHOST+ leverages a generative adversarial network (GAN) to produce adversarial perturbations without altering the DNN. For enhanced privacy and a better computation-communication trade-off, both solutions adopt the edge-cloud collaborative framework. Compared with the previous solutions, this is the first work that successfully integrates steganography and the nature of DNNs to achieve private inference while ensuring high accuracy. Extensive experiments validate that steganography has excellent ability in accuracy-aware privacy protection of deep learning.

To solve the problem of an excessive number of component vulnerabilities and limited defense resources in industrial cyber physical systems, a method for analyzing security critical components of system is proposed. Firstly, the components and vulnerability information in the system are modeled based on SysML block definition diagram. Secondly, as SysML block definition diagram is challenging to support direct analysis, a block security dependency graph model is proposed. On this basis, the transformation rules from SysML block definition graph to block security dependency graph are established according to the structure of block definition graph and its vulnerability information. Then, the calculation method of component security importance is proposed, and a security critical component analysis tool is designed and implemented. Finally, an example of a Drone system is given to illustrate the effectiveness of the proposed method. The application of this method can provide theoretical and technical support for selecting key defense components in the industrial cyber physical system.

The static and dynamic malware analysis are used by industrialists and academics to understand malware capabilities and threat level. The antimalware industries calculate malware threat levels using different techniques which involve human involvement and a large number of resources and analysts. As malware complexity, velocity and volume increase, it becomes impossible to allocate so many resources. Due to this reason, it is projected that the number of malware apps will continue to rise, and that more devices will be targeted in order to commit various sorts of cybercrime. It is therefore necessary to develop techniques that can calculate the damage or threat posed by malware automatically as soon as it is identified. In this way, early warnings about zero-day (unknown) malware can assist in allocating resources for carrying out a close analysis of it as soon as it is identified. In this paper, a fuzzy modelling approach is described for calculating the potential risk of malicious programs through static malware analysis.

A dual-image watermarking approach is presented in this research. The presented work utilizes the properties of Hessenberg decomposition, Redundant discrete wavelet transform (RDWT), Discrete cosine transform (DCT) and Singular value decomposition (SVD). For watermarking, the YCbCr color space is employed. Two watermark logos are for embedding. A YCbCr format conversion is performed on the RGB input image. The host image's Y and Cb components are divided into various sub-bands using RDWT. The Hessenberg decomposition is applied on high-low and low-high components. After that, SVD is applied to get dominant matrices. Two different logos are used for watermarking. Apply RDWT on both watermark images. After that, apply DCT and SVD to get dominant matrices of logos. Add dominant matrices of input host and watermark images to get the watermarked image. Average PSNR, MSE, Structural similarity index measurement (SSIM) and Normalized correlation coefficient (NCC) are used as the performance parameters. The resilience of the presented work is tested against various attacks such as Gaussian low pass filter, Speckle noise attack, Salt and Pepper, Gaussian noise, Rotation, Median and Average filter, Sharpening, Histogram equalization and JPEG compression. The presented scheme is robust and imperceptible when compared with other schemes.

The rapid development of network information technology, individual’s information networks security has become a very critical issue in our daily life. Therefore, it is necessary to study the malware propagation model system. In this paper, the traditional integer order malware propagation model system is extended to the field of fractional-order. Then we analyze the asymptotic stability of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is 0. Next, the asymptotic stability and bifurcation analysis of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is not 0 are carried out. Moreover, we study the asymptotic stability of the fractional-order malware propagation model system with an interior equilibrium point. In the end, so as to verify our theoretical results, many numerical simulations are provided.

Physical layer secret key exploits the random but reciprocal channel features between legitimate users to encrypt their data against fiber-tapping. We propose a novel tapping-based eavesdropper scheme, leveraging its tapped signals from legitimate users to reconstruct their common features and the secret key.

The rising use of smartphones each year is matched by the development of the smartphone's operating system, Android. Due to the immense popularity of the Android operating system, many unauthorized users (in this case, the attackers) wish to exploit this vulnerability to get sensitive data from every Android user. The flubot malware assault, which happened in 2021 and targeted Android devices practically globally, is one of the attacks on Android smartphones. It was known at the time that the flubot virus stole information, particularly from banking applications installed on the victim's device. To prevent this from happening again, we research the signature and behavior of flubot malware. In this study, a hybrid analysis will be conducted on three samples of flubot malware that are available on the open-source Hatching Triage platform. Using the Android Virtual Device (AVD) as the primary environment for malware installation, the analysis was conducted with the Android Debug Bridge (ADB) and Burpsuite as supporting tools for dynamic analysis. During the static analysis, the Mobile Security Framework (MobSF) and the Bytecode Viewer were used to examine the source code of the three malware samples. Analysis of the flubot virus revealed that it extracts or drops dex files on the victim's device, where the file is the primary malware. The Flubot virus will clone the messaging application or Short Message Service (SMS) on the default device. Additionally, we discovered a form of flubot malware that operates as a Domain Generation Algorithm (DGA) and communicates with its Command and Control (C&C) server.

Generative adversarial networks (GANs) have been increasingly popular among deep learning methods. With many GANs-based models developed since its emergence, among which are conditional generative adversarial networks, progressive growing of generative adversarial networks, Wasserstein generative adversarial networks and so on. These frameworks are currently widely applied in areas such as remote sensing cybersecurity, medical, and architecture. Especially, they have solved problems of cloud removal, semantic segmentation, image-to-image translation and data argumentation in remote sensing. For example, WGANs and ProGANs can be applied in data argumentation, and cGANs can be applied in semantic argumentation and image-to-image translation. This article provides an overview of structures of multiple GANs-based models and what areas they can be applied in remote sensing.

Since data security is an important branch of the wide concept of security, using simple and interpretable data security methods is deemed necessary. A considerable volume of data that is transferred through the internet is in the form of image. Therefore, several methods have focused on encrypting and decrypting images but some of the conventional algorithms are complex and time consuming. On the other hand, denial method or steganography has attracted the researchers' attention leading to more security for transferring images. This is because attackers are not aware of encryption on images and therefore they do not try to decrypt them. Here, one of the most effective and simplest operators (XOR) is employed. The received shares in destination only with XOR operation can recover original images. Users are not necessary to be familiar with computer programing, data coding and the execution time is lesser compared to chaos-based methods or coding table. Nevertheless, for designing the key when we have messy images, we use chaotic functions. Here, in addition to use the XOR operation, eliminating the pixel expansion and meaningfulness of the shared images is of interest. This method is simple and efficient and use both encryption and steganography; therefore, it can guarantee the security of transferred images.

Derivatives are key to numerous science, engineering, and machine learning applications. While existing tools generate derivatives of programs in a single language, modern parallel applications combine a set of frameworks and languages to leverage available performance and function in an evolving hardware landscape. We propose a scheme for differentiating arbitrary DAG-based parallelism that preserves scalability and efficiency, implemented into the LLVM-based Enzyme automatic differentiation framework. By integrating with a full-fledged compiler backend, Enzyme can differentiate numerous parallel frameworks and directly control code generation. Combined with its ability to differentiate any LLVM-based language, this flexibility permits Enzyme to leverage the compiler tool chain for parallel and differentiation-specitic optimizations. We differentiate nine distinct versions of the LULESH and miniBUDE applications, written in different programming languages (C++, Julia) and parallel frameworks (OpenMP, MPI, RAJA, Julia tasks, MPI.jl), demonstrating similar scalability to the original program. On benchmarks with 64 threads or nodes, we find a differentiation overhead of 3.4–6.8× on C++ and 5.4–12.5× on Julia.